So today there was a string of posts on Twitter that ended up with a statement from @santinorizzo about why we built networks in the first place. “No, traditional networking has always been about connecting hosts, not delivering apps.” This was the quote. I will start by saying I do not agree at all. I will also own up right now and say that I don’t think that @santinorizzo meant this as literally as I am taking it, but it did get me thinking a lot. So I wanted to respond in a post. Sometimes you just can’t say what you need to say on Twitter. I am also going to offer to guest post his side of this on here or cross-post to wherever he feels is appropriate to respond. I respect him a lot, so let’s all keep that in mind.
So why do we build networks? In my mind, from the very earliest networks there was an application that the network was designed to support. That brings me to what an application is. According to Wikipedia, “Application software applies the power of a particular computing platform or system software to a particular purpose.” With that established, let’s talk about a few networks and what their core application or applications were/are.
- SAGE: The network was basic early telco. The application was IADS. Without the systems (application) the network was useless.
- SABRE: This network enabled systems to communicate with the core application being airline reservation management. What is really cool about this is that SABRE is still in use today.
- ARPANET: “the ARPANET came out of our frustration that there were only a limited number of large, powerful research computers in the country, and that many research investigators, who should have access to them, were geographically separated from them.” While this comes close to the connecting-node concept, I would still argue there is a core application, and in its raw form the application was remote access to the systems that ARPANET connected.
- SAN: So far I have talked about macro networks and their initial uses. In this case the network has a localized goal which is to attach single or multiple storage systems (Arrays, TAPE, other Block Level) to multiple Computer hosts. The application in this case is the storage.
Now it is more common that networks have multiple application purposes, whether it be the internet or private corporate networks. Applications run the range from web apps to email servers, and even storage in the form of NAS and CIFS.
So the case for networks being application centric is pretty straightforward in my mind. Yes, some of the applications are basic and some include lots of moving parts, but at the core it is still the applications. So in the tweetoff @santinorizzo also made the following statement: “If app delivery was the goal, we wouldn’t need special devices like load balancer and firewalls… those policies would already be inherent to the network, at the edge with the app.”
I really wanted to address this. I read a book a few years ago: Patterns in Network Architecture: A Return to Fundamentals. The author broke down modern application/network protocols like SMTP. The reality is that they never intended for it to be email. They never planned for smartphones, wired appliances, the WWW and lots of other things. They wanted remote access to systems and they wanted to do cool things. Extrapolate that to today and we are still using the same arguably broken protocols. Also, we have siloed our IT structures to the Nth degree. So it is highly uncommon in my experience to find a developer that actually understands networking and the challenges and implications of building network-based applications. For that matter, it’s hard to find a systems admin that does either. Case in point: Web 2.0 applications like Digg struggled because they were just doing something cool and next thing they knew they had to scale that application onto the network.
So, addressing the load balancer portion of @santinorizzo’s statement: sure, the application could do it. Some applications do. But most developers don’t do it. Either they don’t get it, don’t have the budget or they don’t have the time. Plus, why re-invent the wheel if you can throw a Kemp, F5 or A10 at it? You will also find lots of devs who just don’t feel that adding that complexity to the application is the right thing to do. I’m torn on that. Being the owner of a very complex custom platform, I really don’t want more bells and whistles to break on my application. Therefore I am happy to have basic load balancers to deal with the HTTP balancing. But it may also be cheaper in the long run to have the apps do it. Either way, it does not change that the network is designed to deliver these apps and not simply to connect nodes together.
Concerning the firewall portion of the statement, they are a sad byproduct of screwed-up human nature. When ARPANET started, no one really cared who saw what. They were researchers and they had system-level security that kind of protected their stuff. But when that expanded and kept expanding, the people who had access were not quite as benign. Plus, lots of the data on those connected systems was real research into other fields that had value in accessing and even stealing. So over time the concept of firewalls came to be. For my entire career I have been hearing of no-firewall movements and how firewalls are really no defense at all. All that is really moot. If the core argument is that, if the network is just path and just application transport, then the app should handle the firewall, well… then it is right and wrong. It is right in the sense that yes, the app can be built to defend itself, but that also means exponential amounts of code and bug management over central or host-based firewalls. Don’t get me wrong, apps should be coded securely in the first place. But no matter how hard you try, in time something or someone will be able to find an exploit through a framework, third-party extension or in the code itself. The wrong part comes in the fact that the firewall itself is yet another application of the network. We don’t need firewalls to route and switch. Some people say ditch them and let the application host server handle it… still, that is an app.
So at HS essay word count it’s time to wrap this up. All networks are built for a business application purpose. Very likely @santinorizzo will not disagree with this but instead have thoughts around SDN and how networks have changed in the past 10 years, especially with the acceleration in the past 3 years. But as I told him, the sparring got me thinking. And I felt the need to put those thoughts into writing. If nothing else, I hope you all read Patterns in Network Architecture: A Return to Fundamentals; it was eye-opening to me when I became a Sr. Consulting Engineer about 7 years ago, and this discussion has me wanting to read it again.